Windows command line scripts was for a long time the only way for scripting windows. With the Windows PowerShell you have can write scripts more like an program in object oriented way. Starting with Windows 7 it is preinstalled with version 2.0 but can as well installed under Windows XP or Vista. Windows 8 will ship with version 3.0 which adds windows work flow foundation functionality. Windows 7 ships with an IDE for PowerShell called Windows PowerShell ISE”. Scripts stored in files with .ps1 suffix. A sample hello world looks like this:
echo "hello world"
Save the content in a file called hello.ps1. Start the powershell by searching for powershell in the windows 7 search box above the start button and with right click to run as administrator. Change the current folder with cdto the one where you saved your first powershell script. Run your script with
.\hello.ps1
Unfortunately you get a PSSecurityException because powershell script execution is controlled by an security policy. Like Java signed jars you must sign your scripts and set the policy to execute only signed scripts
Set-ExecutionPolicy Restricted
Powershell accepts self signed certificates and can be created by the makecert command. Makecert is part of the windows SDK. Download the installer and run through the wizard steps. At the last screen deselect all parts and check only the tools under first section called Windows Native Code Development. Open a command shell with shift and right click on the folder C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin. Enter the following commands to create a authority:
makecert -n "CN=PowerShell Local Certificate Root" -a sha1 -eku 1.3.6.1.5.5.7.3.3 -r -sv root.pvk root.cer -ss Root -sr localMachine
and the following command to create a self signed certificate
makecert -pe -n "CN=PowerShell User" -ss MY -a sha1 -eku 1.3.6.1.5.5.7.3.3 -iv root.pvk -ic root.cer
The following command in the powershell show your created certificate:
Get-ChildItem cert:\CurrentUser\My -codesign
Now we can sign our first script with the following command
Set-AuthenticodeSignature .\hello.ps1 @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0]
Run now your signed script with
.\hello.ps1
with prints
hello world
Powershell scripts can use profile scripts to store common functions for own scripts, functions,.. Enter the following command to your standard profile file
$profile
Open the file or create it with a text editor and paste the following
function sign ($filename) {
$cert = @(gci cert:\currentuser\my -codesigning)[0]
Set-AuthenticodeSignature $filename $cert
}
Sign the profile file
Set-AuthenticodeSignature $profile @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0]
Write now your own little powershell script like test.ps1. The sign function can now be used like this
sign .\test1.ps1